The invention is based on a priority application EP 04360049.3 which is hereby incorporated by reference.
This invention relates to a data authentication method for authenticating data to be sent from a first agent to a second agent in an agent based system. The method is used for a fraud resistant confirmation of documents and transactions between the agents of the software system. Agent based software systems are systems that work with mobile software agents. Therefore, these systems need to consider security aspects.
An agent is a software that handles special tasks in digital networks autonomously on behalf of the user. It is comprising software code, data and a current execution state. Agents accomplish repetitive, tedious and error-prone tasks for their users. Therefore, the agent has a certain degree of intelligence and a learning aptitude. The main characteristic of mobile agents is their capability to travel through the network. They move between different platforms in order to accomplish a task for their owner. Basically, an agent based software system is a network of many computers with mobile agents migrating between those platforms.
An example for an agent based software system is proposed as a multimedia workplace of the future (MAP), which is a project initiated by the German Federal Ministry of Economics and Labor (BMWA). MAP is focused on the integration of different technologies, components and methods for multimedia interactions between a user and a computer. MAP uses intelligent systems offering assistance and supporting delegation. Several demands on aspects of mobile agent security, including protection of mobile agents against malicious hosts, are focused in MAP. The system is based on and relies on the security of the agent platform. Known software components are used to ensure that attacking agents and private data is not possible. The security methods of these software components for an agent based software system are dependent on a secure platform, meaning the hardware and the software the system is run on is considered to be safe against any kind of fraud. So all safety considerations so far are dependent on a secure platform. A confirmation of documents or transactions between agents always needs a signature in order to guarantee the document really belongs to the person who pretends to have written and/or sent it. Signing digital documents is done with a digital signature that is based on private keys. If a key belongs to exactly one person, authentication is guaranteed. Furthermore, the signature ensures integrity and non-repudiation. Problems in agent based software systems may occur in handling the private keys. Agents may migrate to malicious hosts or meet malicious agents that could steel or copy the key and thus act as a fake identity. In mobile agent systems, which are independent of a certain platform these problems arise seriously, because of the fact that the agents easily can migrate to malicious hosts or meet malicious agents which could steel or copy their private key.